Sujet : Re: Yet Another New systemd Feature
De : gtaylor (at) *nospam* tnetconsulting.net (Grant Taylor)
Groupes : comp.os.linux.miscDate : 09. May 2024, 03:44:21
Autres entêtes
Organisation : TNet Consulting
Message-ID : <v1h9pl$kln$4@tncsrv09.home.tnetconsulting.net>
References : 1 2 3 4 5 6
User-Agent : Mozilla Thunderbird
On 5/8/24 01:27, Marc Haber wrote:
I have not worked in a single environment where the root password was common knowledge.
There's common knowledge of, or accessibility to, the root (or pick your target account) password and then there's using it daily to get to root.
My current day job uses su to get to root multiple times a day. But that's because I've not been there long enough nor had the opportunity / free time to migrate to sudo or ksu (but we don't have Kerberos in the Unix environment). I've already talked about it with co-workers and management and have gotten a nod of approval to put together a plan to implement sudo. But time is a scares resource.
All environments I have worked in used personalized sudo to escalate privileges. One even (the best one!) encouraged people not to escalate to a root shell but type sudo for every single command as this leaves a nice audit trail.
That is where I want us to get to.
Doing so is considerably easier on Debianesque systems than in the Red Hat world due to the more open directory permissions in Debian.
Please elaborate.
I've not noticed any difference in implementing sudo on Debian vs Red Hat. Or are you alluding to group / other permissions to access things without needing to use sudo?
-- Grant. . . .